Proliferation Financing: Weapons, Controls & Your Obligations

FATF Definition

FATF's Glossary (October 2021 revision) defines proliferation financing as:

Note the breadth: PF covers not just the weapons themselves but the means of delivery, related materials, technologies, and dual-use goods. It covers the full chain from manufacture through to transfer.

Proliferation Financing vs Terrorist Financing

PF and TF are legally distinct concepts with different FATF Recommendations, different UNSC legal bases, and different risk profiles:

Why Financial Institutions Are Exposed

FIs do not typically handle WMD directly — but they provide the financial infrastructure through which proliferation networks operate:

• Trade finance: Letters of credit, documentary collections, and trade guarantees can be used to finance the purchase and movement of dual-use goods.
• Correspondent banking: Cross-border payment flows passing through correspondent banks may carry proceeds from prohibited transactions.
• Shell company accounts: Front companies hold accounts at FIs to receive and send payments for prohibited transactions while appearing to be legitimate businesses.
• Cryptocurrency: Virtual assets are used to move value outside the traditional financial system, particularly by DPRK-linked networks.

FATF Recommendation 7 — Targeted Financial Sanctions for PF

R.7 requires countries to implement targeted financial sanctions (TFS) to comply with UN Security Council resolutions relating to the prevention, suppression, and disruption of WMD proliferation and its financing.

Core Obligations Under the Interpretive Note to R.7

1. Freeze without delay: Upon designation by the relevant UNSC Committee, FIs must freeze assets with no prior notice to the customer — even a few minutes' notice could allow assets to be moved.
2. No funds made available: FIs must ensure no funds, financial assets, or economic resources are made available directly or indirectly to or for the benefit of designated persons or entities.
3. Broad scope of "funds": Bank accounts, securities, insurance policies, property rights — any economic resources. Not just cash.
4. Ongoing monitoring: Continuous screening to identify newly designated parties within the existing customer base and in transaction flows.
5. Reporting: FIs must report any frozen assets or actions taken to the FIU or designated competent authority.
6. De-listing procedures: FIs must unfreeze upon de-listing and have procedures to handle affected customers.

UN Security Council Resolution 1718 (2006) — DPRK

UNSCR 1718 was adopted on 14 October 2006 in response to North Korea's first nuclear test. It:

• Requires all UN Member States to freeze assets of persons/entities designated by the 1718 Sanctions Committee.
• Prohibits financial services contributing to DPRK's WMD or ballistic missile programmes.
• Has been significantly strengthened by subsequent resolutions: 1874 (2009), 2094 (2013), 2270 (2016), 2321 (2016), 2375 (2017), 2397 (2017).

DPRK has been on the FATF Black List since 2009 — requiring enhanced due diligence for all transactions with DPRK-connected persons and entities.

UN Security Council Resolution 2231 (2015) — Iran

The Iran sanctions regime is more complex than DPRK's:

• UNSCR 1737 (2006): First targeted Iran's nuclear and ballistic missile programmes, requiring asset freezes of designated entities.
• UNSCR 2231 (2015): Adopted to endorse the Joint Comprehensive Plan of Action (JCPOA). Terminated previous Iran nuclear sanctions resolutions upon JCPOA implementation.
• US withdrawal (2018): The United States withdrew from the JCPOA in May 2018 and reimposed OFAC sanctions — these are broader than UNSCR 2231 obligations.
• Snapback: The "snapback" mechanism in UNSCR 2231 was triggered by certain parties in 2020, restoring some UN sanctions.

The October 2020 Extension of R.1 to PF

Prior to October 2020, Recommendation 1 (the risk-based approach) did not explicitly apply to proliferation financing. FIs were only required to screen against designated lists under R.7 — a rules-based obligation.

The October 2020 amendment to R.1 changed this fundamentally. The Interpretive Note to R.1 now requires countries and FIs to:

• Identify, assess, and understand their proliferation financing risks.
• Take action commensurate with those risks.
• Include PF risk in enterprise-wide risk assessments (EWRA).

Two Distinct PF Obligations

Understanding the difference between these two obligations is critical:

An FI can be fully compliant with R.7 (screening all customers against designated lists) while still failing its R.1/PF obligations (not having assessed its broader PF exposure across products and customers).

PF Risk Assessment — Key Factors

The FATF June 2021 guidance on PF Risk Assessment and Mitigation identifies the following factors for FIs to consider in their sector-level PF risk assessment:

Trade Finance and Dual-Use Goods Controls

For FIs active in trade finance, PF risk assessment must include:

• Understanding the nature of goods being financed (consult international dual-use goods control lists — EU Common Military List, Wassenaar Arrangement, Australia Group, etc.).
• Checking end-use and end-user certificates where appropriate — who is the actual recipient and what is the stated purpose?
• Country-of-origin and transit-country analysis — does the routing make commercial sense, or does it suggest an attempt to evade jurisdiction controls?
• Invoice and document plausibility checks — do the descriptions, quantities, and prices match the stated goods?

The Three Main Screening Lists

FIs must screen customers and transactions against multiple lists. These lists are not identical — an entity may appear on one but not others:

Common PF Evasion Typologies

Shell Companies and Layered Corporate Structures

PF networks use shell companies in non-sanctioned third countries to obscure the ultimate end-user of funds and goods. UN Panel of Experts reports on DPRK have documented specific third-country hubs used by DPRK procurement networks — often in Southeast Asia, the Middle East, and Africa. Nominee directors and bearer shares further obscure the ownership chain.

Trade-Based Proliferation Financing

Trade transactions are particularly vulnerable to PF evasion. Common techniques include:

• False declarations: Misrepresenting dual-use items as civilian goods on shipping documents (e.g., "industrial equipment" rather than precision manufacturing tools with WMD applications).
• Over/under-invoicing: Moving value across borders through inflated or deflated invoice amounts.
• Multiple re-invoicing: Cycling transactions through intermediary companies in third countries to obscure the original and final parties.
• Free trade zone exploitation: Using free trade zones where documentation controls are less rigorous to break transaction chains.

Indicators for Trade Finance Teams

Red flags for potential PF in trade transactions:

• Goods inconsistent with the buyer's or seller's known business.
• Routing through third countries with no commercial logic (e.g., electronics from Japan to Dubai to North Africa with no direct trade relationship).
• Unusually high unit prices for commodity goods (possible over-invoicing).
• Requests to omit standard end-use certificates.
• Parties with connections to sanctioned jurisdictions, even via indirect corporate links.

DPRK's Lazarus Group — Cryptocurrency and WMD Financing

North Korea's state-sponsored hacking group, known as Lazarus Group, has become the most significant state-level actor using cryptocurrency to finance weapons programmes. UN Panel of Experts reports (S/2024/215 and prior) document that:

• Lazarus Group has stolen over USD 3 billion in cryptocurrency since 2017 through exchange hacks, phishing attacks on DeFi protocols, and social engineering of crypto employees.
• These proceeds fund DPRK's ballistic missile tests and nuclear weapons programme — directly linking VASP compliance failures to proliferation financing.
• The group uses sophisticated laundering techniques: chain-hopping (Bitcoin → Monero → Ethereum), cross-chain bridges, and mixers to break traceability.
• Specific wallet addresses associated with Lazarus Group have been designated by OFAC and flagged by the UN — FIs and VASPs must screen against these.

Front Companies in Engineering and Electronics

DPRK and Iran procurement networks use front companies — businesses with legitimate-appearing commercial activity in engineering, electronics, chemicals, or aerospace — to purchase dual-use components from global suppliers. Key characteristics of PF front companies documented in UN Panel of Experts reports:

• Registered in third countries (common jurisdictions include Malaysia, China, Singapore, UAE, and various African countries) — not in sanctioned jurisdictions themselves.
• May have real business operations to maintain cover — genuine sales and purchases alongside prohibited transactions.
• Often linked through corporate structures to entities on UN or OFAC lists, but with multiple layers of obscuration.
• Use correspondent banking relationships to process payments in hard currency (USD, EUR).

For FIs, the challenge is that front companies look like legitimate customers at onboarding. The key is ongoing monitoring of transaction patterns — orders inconsistent with stated business, payments to jurisdictions or entities linked to sanctioned networks, or unusually large orders for specific components.

Practical Controls for FIs

Based on FATF June 2021 guidance, FIs should implement the following PF-specific controls: